You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Marc Fromm <Ma...@wwu.edu> on 2008/03/19 23:32:59 UTC
[users@httpd] .htaccess files not recognized
1.) I created an .htpasswd file with a user using the command
htpasswd -mbc /etc/.htpasswd username password
group and other have read permissions
2.) I created an .htaccess file in a web directory with the following
AuthType Basic
AuthName "Outside Access"
AuthUserfile /etc/.htpasswd
require user username
Satisfy All
<Limit GET POST>
require valid-user
</Limit>
Group and other have read and execute permissions
I restarted httpd
3.) httpd.conf is set to recognize .htaccess file names.
When I browse to the site I am not prompted for the password.
Is there another setting someplace to enable the use of the .htaccess
file?
Marc Fromm
Information Technology Specialist II
Financial Aid Department
Western Washington University
Phone: 360-650-3351
Fax: 360-788-0251
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] .htaccess files not recognized
Posted by Joshua Slive <jo...@slive.ca>.
On Wed, Mar 19, 2008 at 6:32 PM, Marc Fromm <Ma...@wwu.edu> wrote:
> 1.) I created an .htpasswd file with a user using the command
> htpasswd -mbc /etc/.htpasswd username password
> group and other have read permissions
>
> 2.) I created an .htaccess file in a web directory with the following
> AuthType Basic
> AuthName "Outside Access"
> AuthUserfile /etc/.htpasswd
> require user username
> Satisfy All
> <Limit GET POST>
> require valid-user
> </Limit>
>
> Group and other have read and execute permissions
> I restarted httpd
>
> 3.) httpd.conf is set to recognize .htaccess file names.
>
> When I browse to the site I am not prompted for the password.
> Is there another setting someplace to enable the use of the .htaccess
> file?
1. Throw out whatever tutorial you used to construct that .htaccess
file. It is giving you bad (and dangerous) advice. In particular, the
<Limit GET POST> and </Limit> lines should be removed.
2. Try http://httpd.apache.org/docs/2.2/howto/htaccess.html instead.
3. Check the AllowOverride directive in httpd.conf.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org